Anonymous Personalization Trick in Web Parts

My favorite feature of ASP.NET 2.0 is Web Parts. But the anonymous users in ASP.NET cannot save personalization data and can't use Web Parts design options. This article describes how we can solve this problem in a tricky way.

Introduction

ASP.NET 2.0 provides a Web Parts framework, allowing programmers to easily integrate drag ’n drop menus etc. in their web portals. This framework is easy to use and all client based design settings are stored by ASP.NET data providers in an easy way. The developer has nothing to do with the save or load process of Web Parts design based settings. This article will not cover how we can use Web Parts. It’s possible to find lots of articles around the web about Web Parts.

ASP.NET 2.0 Web Parts framework works with the Membership framework as well as the Forms or Windows authentication modes. The problem is that, if you don’t want to use any authentication mode, you can’t use Web Parts. The client user, who will able to change the web site's design with Web Parts, should be authenticated. If not authenticated, the ASP.NET Web Parts framework can’t save users' design settings with data providers and for that reason can’t allow even to switch design modes.

The Idea

If we just need that all users connecting to our web site be authenticated, we need to register all users to our web site's authentication system. We will use Forms Authentication and provide some tricky ways. Users will be registered with our site in a hidden way with some cookie. We will recognize our visitors with their cookie and authenticate them automatically to get Web Parts design options available for them.

Using Hidden Authentication

First, we will set up our web site for Forms Authentication. You just need to modify your Web.Config file as below:

<!--<span class="code-comment">
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
--></span><authenticationmode="Forms"/>

We will provide for each visitor a cookie to recognize the user's identity to be able to show them their design settings. We need an identity name for each visitor. We will create a random guide number to use as identity.

Our cookie name is “Reminder”. You can change the name for your projects. Our Cookie data is the random guide name “UserID” that we generated using .NET Framework's “System.Guid.NewGuid” class. Now we can programmatically recognize our visitors each time they visit our web portal.

We should now authenticate our user with his GUID name "UserID" to our Forms Authentication system. In a normal situation ASP.NET uses cookies to store Forms Authentication data. We will just simulate that process manually.

Now our user is authenticated to our web site with Forms Authentication and can access Web Parts design properties.

We will have lots of visitors designing our web site for themselves and then just never visit again our web site or just delete their cookie and loose their identity as well as their design settings. So why do we need to store all visitor design settings if they haven’t visited our web site since last year? With the code below we connect manually to the ASP.NET Membership data store and delete users settings and profile manually, checking the last activity date of the user.

The scenario starts with checking the Forms Authentication cookie. If we have already authenticated the user, we need not do anything. If there isn’t the Forms Authentication cookie, we check further if we have got our identity cookie. If there is an identity cookie “Reminder”, we can load the user's identity and authenticate it with Forms Authentication. This way, all users' old design settings comes automatically to our web portal. If the user doesn’t have our “Reminder” cookie, we create an identity and store it for that user and authenticate it with the new identity to the authentication system.

After having done all this process, we check for old users and delete the ones which don’t have at least one year activity on the web portal.

Conclusion

You just need to use this system on the "Page_Load" event of your web forms where you are using web parts design properties. Have fun using this tricky method on your future portal developments.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

Share

About the Author

Daron Yöndem is an ASP.NET MVP and INETA Turkey Lead. He is the founder of DEVELOAD Software & Design; a local ISV specialized on RIA development, Silverlight and WPF. Daron has two books about ASP.NET AJAX published in Turkish and is a chronic writer in Turkish press including IT Magazines. He is the software editor of PC Magazine Turkey, a monthly journal. Moreover Daron is a Silverlight editor at the official Microsoft Turkey Developer Community Web Site called yazgelistir.com and Silverlight/VB.NET Editor at nedirTV.com, an INETA UG. He is constantly hosting seminars, training sessions at various universities and private sector.